Goal-directed weakening of abstract interpretation results

Seo, Sunae; Yang, Hongseok; Yi, Kwangkeun; Han, Tian

doi:10.1145/1286821.1286830

Cited by 7 publications

(2 citation statements)

References 43 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In a follow up of [Seo et al 2003], Seo, Yang, Yi and Han [Seo et al 2007] develop slicing methods to remove unused parts of the specification, simplifying the next proof-producing phase.…”

Section: Certifying Compilation and Analysis; Type-and Proof-preservimentioning

confidence: 99%

An Abstract Model of Certificate Translation

Barthe

Kunz

2011

ACM Trans. Program. Lang. Syst.

View full text Add to dashboard Cite

A certificate is a mathematical object that can be used to establish that a piece of mobile code satisfies some security policy. In general, certificates cannot be generated automatically. There is thus an interest in developing methods to reuse certificates generated for source code to provide strong guarantees of the compiled code correctness. Certificate translation is a method to transform certificates of program correctness along semantically justified program transformations. These methods have been developed in previous work, but they were strongly dependent on particular programming and verification settings. This article provides a more general development in the setting of abstract interpretation, showing the scalability of certificate translation.

show abstract

“…In a follow up of [Seo et al 2003], Seo, Yang, Yi and Han [Seo et al 2007] develop slicing methods to remove unused parts of the specification, simplifying the next proof-producing phase.…”

Section: Certifying Compilation and Analysis; Type-and Proof-preservimentioning

confidence: 99%

An Abstract Model of Certificate Translation

Barthe

Kunz

2011

ACM Trans. Program. Lang. Syst.

View full text Add to dashboard Cite

show abstract

“…Such pruning algorithms were independently studied by Seo, Yang, Yi and Han [SYYH07]. The problem that we consider here is different: the goal is not to get a maximal witness in a given lattice, but to get a witness without conjunction, a property that is not monotone.…”

Section: Pruningmentioning

confidence: 99%

Computing Stack Maps with Interfaces

Besson

Jensen

Turpin

ECOOP 2008 – Object-Oriented Programming

View full text Add to dashboard Cite

Lightweight bytecode verification uses stack maps to annotate Java bytecode programs with type information so that the checker only has to validate this typing, without having to do any data flow analysis. This report describes an improved analysis technique together with algorithms for optimizing the stack maps generated by the analyser. The improved analyser is based on a modified version of the abstract domain. This domain is simplified in its treatment of base values, keeping only the necessary information to ensure the memory safety property. It is richer in its representation of interface types, using the known Dedekind-MacNeille completion technique to construct abstract domain elements representing sets of interfaces. Tracking interface information allows to remove the dynamic checks at interface method invocations. We prove the memory safety property guaranteed by the verifier using an operational semantics whose distinguishing feature is a low-level memory model operating on untagged 32-bit values, as opposed to the standard, higherlevel memory models using tagged base values. For bytecode that is typable without sets of types (this includes any code compiled from Java) we show how to prune the fix-point to obtain a stack map that can be validated without the interface set computations arising from this extension. In the context of lightweight verification, this is an advantage as it does not make the checking more complex or costly. The size of the stack maps is not significantly modified. Experiments show that the pruning can be done by reasonably efficient (though in theory exponential) algorithms that uses heuristics to explore the space of valid program typings from the least fixpoint generated by the analyser. Stack maps for three substantial test suites were correctly handled by the optimized (but incomplete) pruning algorithm. Calcul de certificats avec interfacesRésumé : La vérification de bytecode "lightweight" utilise des certificats pour anotter les programmes en bytecode Java avec une information de type, de telle sorte que le verifieur de bytecode n'ait plus qu'à vérifier ce typage, sans avoir besoin de faire une quelconque analyse de flot de données. Nous décrivons une technique de vérification améliorée, coupléeà des algorithmes qui optimisent les certificats générés par l'analyseur. L'analyseur amélioré est fondé sur une version modifiée du domaine abstrait pour la vérification de bytecode. Ce domaine est simplifié en ce qui concerne le traitement des valeurs de base, et conserve seulement l'information nécessaire pour assurer la propriété de sûreté mémoire. Il est plus riche dans sa représentation des types interfaces, utilisant la technique connue de complétion de Dedekind-MacNeille pour construire deséléments du domaine abstrait qui représentent des ensembles d'interfaces. La vérification des interfaces permet de supprimer les contrôles dynamiques lors des appels de méthodes d'interfaces. Nous prouvons que la propriété de sûreté mémoire garantie par le vérifieur est assur...

show abstract

Speed Up Configurable Certificate Validation by Certificate Reduction and Partitioning

Jakobs

2015

Software Engineering and Formal Methods

View full text Add to dashboard Cite

Goal-directed weakening of abstract interpretation results

Cited by 7 publications

References 43 publications

An Abstract Model of Certificate Translation

An Abstract Model of Certificate Translation

Computing Stack Maps with Interfaces

Speed Up Configurable Certificate Validation by Certificate Reduction and Partitioning

Contact Info

Product

Resources

About